http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13932
Bug ID: 13932
Summary: Allow a header to be considered trusted to provide the
userid
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
When Koha is placed behind an SSO system, it'd be useful to be able to get the
user ID, like happens with basic auth.
This patch allows a header to be considered an authoritative source of user ID.
This only works with a plack-like environment, when apache is running Koha as
CGI I think the headers come through using a different method.
An example configuration would be:
<Location />
... mod_auth_mellon config goes here ...
Header unset X_REMOTE_USER
RequestHeader unset X_REMOTE_USER
RequestHeader set X_REMOTE_USER %{MELLON_sfdcid}e
</Location>
(REMOTE_USER seems to have a special use to apache that means it doesn't work,
hence using X_REMOTE_USER.)
For testing, you can fake it by replacing the variable with something hardcoded
and ignore all the SSO guff.
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
